Unpatched software, human factor behind data breaches, says cyber security firm F-Secure

Most of the companies fall victim to cyber attackers either because of unpatched software with known vulnerabilities or because of the human factor like people falling victim to phishing emails, said Finland-based cyber security firm F-Secure.

By: IANS | London | Updated: May 29, 2017 10:23 pm
F Secure cybersecurity firm, unpatched software, human factor, security breaches, security measures,  "WannaCrypt" ransomware attack, Windows Server Message Block (SMB) vulnerability, new security vulnerability,  shadow IT, external misconfigurations, companies unaware of attack surface, technology, technology news It takes 103 days for a vulnerability to be remediated while a new security vulnerability is identified every 90 minutes, says the firm. (Source: F-Secure)

Most of the companies fall victim to cyber attackers either because of unpatched software with known vulnerabilities or because of the human factor like people falling victim to phishing emails, Finland-based cyber security firm F-Secure said on Monday.

According to the firm, the exploitation of known vulnerabilities is still the root cause of most breaches while all other security measures are just secondary measures designed to catch attacks that happen because of these two reasons. “Still, companies are fixated on zero days and the newest methods of attack which are often fairly restricted and obscure,” said Janne Kauhanen, cyber security expert at F-Secure, in a statement.

Also Read:WannaCry: India least prepared due to low awareness level, says IT security official

The massive “WannaCrypt” ransomware attack is the most recent example of a known vulnerability being exploited to great effect. “The outbreak is based on a Windows Server Message Block (SMB) vulnerability, MS17-010, that had been patched by Microsoft in March. The spread of the worm would have been reduced had more systems been kept up to date,” the firm noted.

It takes 103 days for a vulnerability to be remediated while a new security vulnerability is identified every 90 minutes.”The best way to handle cyber threats is to actually foresee them by fixing vulnerabilities before they can even be exploited,” added Jimmy Ruokolainen, Vice President, Product Management at F-Secure. With shadow IT, external misconfigurations, and potentially vulnerable partners, companies aren’t usually aware of their entire attack surface, he added.

For all the latest Technology News, download Indian Express App

  1. A
    Asraf
    May 30, 2017 at 1:57 pm
    Hi Editors, I am following your blog for a long time and want to share my content with your readers. I believe that I can add value to your audience on a few different topics with valuable information. Since you already publish guest posts from different authors in your niche, I thought it would be nice if I too had an opportunity to present your blog’s readers with something of real value. Could you allow guest posts on web security? Let us know, If you allow guest posts. Thanks
    Reply